Various factors contributing to successful compliance control performance, such as compliance referring regulations, compliance experts, ethics, and structural organization within the financial institutions, are mentioned, and their impacts are described in the paper. Above-mentioned factors of successful compliance performance, compliance and ethical risks control and treatment methods were examined by Bishop (2007), Fitch (2007), Hampton (2011), Mills (2013), and others. Based on these and other works devoted to the topic of the need for compliance professionals within the financial services industry during the 21st century, the essay contains the historical background, analysis, and statistical data concerning compliance in order to accurately estimate the importance of compliance experts.
In recent years, in the U.S. financial affiliations, such as banks, the service of compliance controllers that is caused by the development of legislative regulation of bank activity, implementation of new standards and norms, such as requirements of Basel Capital Accord (Basel II), International Financial Reporting Standards, etc., is rapidly expanding. Nowadays, compliance is the direction of professional activity. The direction exists mainly in the financial and bank sphere though it is not limited to them. As a rule, the units that implement a function of check on compliance are known as compliance control services, and the people working in these units are known as compliance professionals. The role of compliance professionals is extremely high in the financial services industry in this century. However, the importance of compliance experts can be accurately estimated, if a historical basis, statistical and theoretical data of compliance services are studied in more detail.
Definition of the Studied Term
Positive reputation makes both the absence of well-known, connected with the individual or legal entity adverse cases, which have arisen as a result of his or her fault or omissions in his or her activity, as well as the acts directed on following legal and cultural norms. At the current stage of economic development, it is time to think of risks of business reputation loss, and also to build a risks control system, which is aimed at their identification, prevention, and reaction. In this regard, it is necessary to undertake complex measures for the development of mechanisms by means of which it is possible to minimize the risk of involvement of the company in processes, which can lead it not only to financial losses, but also trust loss from society represented by regulators, investors, partners, shareholders, clients, etc. The idea to create one of such mechanisms arose not long ago and is currently known as “compliance” (Tarantino, 2008).
Compliance is conformity to any internal or external requirements, or norms. However, this definition does not capture all essence of compliance as this concept is extremely broad. In world practice, especially in the U.S., the term has been used for a long time, and the functionality of the compliance function covers such important areas as counteraction of income legalization obtained in an illegal way and terrorism financing, work with the conflicts of interests, cooperation with the inspection authorities, development of normative documents and the procedures directed on the company’s activity compliance to the legislation regulating its activity, protection of information flows, regulation of the company’s activity and its employees in the course of implementation of services in the stock market, establishment of ethical standards of behavior of employees, counteraction to fraud and corruption, and many others (Mills, 2013).
In world practice of the financial institutions, there are many cases when owing to omissions in the sphere of compliance the organization lost the clients, contractors and sustained substantial damages. In this regard, the compliance policy is carried out in the world organizations for many years, and it is not just about the financial institutions, but also manufacturing enterprises, medicine, trade, government and many other branches. In many jurisdictions and at various financial institutions, the concept of compliance includes different directions, such as investment compliance (regulates issues of the correct and honest sale of investment products), tax compliance (governs the maximum tax compliance), principles of the fair relation to clients (Treat Customer Fairly) and fair crediting (Fair Lending Policy), use of personal information, etc. (Tarantino, 2008).
The importance of all the above-mentioned areas of compliance is difficult to overestimate since, finally, all of them are directed not only on protection of the company’s reputation and business owner’s and clients’ interests, but also, in general, on the maintenance of correct economic processes and economic development by means of decriminalization of the financial activity and creation of the competitive environment. Nevertheless, it should be noted that the concept and the content of compliance control have not been accurately defined still. Experts describe them differently, while its content is constantly developing and supplemented due to the occurring changes and needs of the bank and financial sphere. Some scientists reduce this term to control business ethics norms observance though the concept of compliance control that is broader than the concept of business ethics, which is focused on the observance of rules of good behavior both within the organization and in the relations with the outside world. First of all, compliance experts supervise the bank to operate according to its own rules, current legislation, code of good behavior and the best practice in order to avoid risk of violations in bank functioning (Mills, 2013).
The main task of the relevant special structural division created in a bank is to ensure the creation of a credit institution’s internal control system that adequately measures and operates risks faced by the organization and, especially, compliance risk. Compliance risk is a risk of the application of legal sanctions, claims of the supervisory authorities, essential financial losses or reputation loss, which may be faced by the bank in case of non-compliance with the legislation in the sphere of counteraction of legalization of income obtained in a criminal way, financing of terrorist activity, rules of internal control, and other local regulations of the bank. In this regard, the main duty of the compliance professionals is the implementation of the effective support of the business functions activity for the compliance with relevant laws and requirements of internal and external regulations within the bank (Hampton, 2011). Nowadays, compliance management and ethics of the financial company refer to its most pressing risks. Reputation and compliance with laws are the areas most subjected to the risks faced by the financial industry of today (see Fig. 1).
As a rule, the main document is the Code of conduct, which regulates the standards of the organization staff behavior at interaction with clients, other employees, contractors, suppliers, supervisory authorities and other third parties faced by one or another employee when executing the professional duties and extending on alike systems of the business principles, business integrity, company assets and so forth. Besides the Code of conduct, the following documents are developed: Code of Ethics, Gift policy, Whistleblowing policy, Financial Crime and Fraud Prevention, Fight against Money Laundering and Terrorist Financing, Policy of “the Chinese walls”, etc. (“Financial services regulation”, n.d.).
Historical Background of Compliance within the Financial Services Industry
The first contribution to the compliance in financial services industry creation was made in 1963, when the Supreme Court of Delaware in Graham v. Allis-Chalmers Manufacturing Co. case abolished the principle, according to which directors of the companies were responsible for creation of the structure, which would provide the implementation of the requirements of the legislation. Thus, in the USA, the opinion was formed at that time and there was its legislative registration, according to which directors and officials could not be afraid of that legislature or courts would consider and, furthermore, interfere with the internal systems of monitoring elected by the companies to ensure compliance with the laws (Bishop, 2007).
The following step was the investigation results obtained by the U.S. Securities and Exchange Commission in the mid-seventies according to which more than 400 American companies recognized that they carried out disputable or illegal payments to foreign civil servants, politicians and political parties in the amount of more than $300 million. The whole range of violations was revealed: from bribes given to the foreign senior officials in order to ensure favorable action for companies by foreign government agencies to so-called “stimulating payments,” which were made for the foreign civil servants to execute certain ministerial or technical functions (MacKessy, 2010).
In 1996, the Court of Chancery in the State of Delaware made a decision that circumstances changed and now the management of corporations had to bear some responsibility for their companies. This decision was approved by the Supreme Court only in 2006 that became an important stage on a way from a full inattention to the internal compliance to the requirement that were in the companies of this business field (MacKessy, 2010). Another significant event was the adoption of the Sarbanes-Oxley Act that took place in 2002 and considerably toughened the requirements to financial reporting of the companies and the process of its preparation, which was the result of numerous corporate scandals associated with unfair managers of large corporations. According to the Act, open joint stock companies adopted a new regime for the control and regulation of financial activities, and essential changes in the area of management and requirements to information disclosure were also made. In particular, essential protection of corporate whistleblowers (employees who report about shortcomings of the company’s activity) from retaliation by the management of the company was adopted (“Public law”, 2002).
Functions of Compliance Professionals
In many companies, compliance risk management began to develop as a separate specialization since universal approach to risks does not work any more, and the assessment of compliance risks gradually turns into a continuous dynamic process. Besides, the relevant compliance specialists are faced by a singular problem, namely the work with the unforeseen and unexpectedly arisen risks before they become a big compliance problem. In addition, the role of an assessment of compliance risks of the third parties grows, which is also one of the major determinants of today’s need in compliance specialists. The key purpose of compliance professionals is to reduce the risk of loss of business reputation of the organization and impose judicial sanctions or sanctions from the regulator, including the fines arising in case of non-compliance with the legislation and regulations (Simpson, n.d.). In their recent report, the NASD experts stated that the number of non-compliance cases commonly faced by the most financial organizations dropped in 2006 to 1,147, which is approximately 200 times less than in 2005, and the total amount of the charged penalties decreased twice. Such results were achieved by means of the global implementation of compliance services into the financial industry (Nosal, 2007).
The compliance experts provide consulting support concerning application of laws, rules and standards related to the management of compliance risks, including informing on the last changes in this sphere. Since the role of compliance service is rather significant for the financial sphere now, the amount of specialists is not enough, and the probability of compliance risks in the financial sphere is dramatically growing due to the fluctuating world economy, compliance experts assist the executive agencies in personnel training on Compliance. This function is some kind of contact point in bank due to the inquiries of employees on this subject. The main function of compliance experts is analytical, which is directed on the identification, assessment, and analysis of the current and potential compliance risks. Compliance experts also perform a controlling function since they give an assessment of compliance of procedures and bank instructions to the current legislation, rules and business standards, check timeliness of elimination of the revealed shortcomings, and send reports on results of inspections to the bank executive bodies (“Consideration of laws and regulations in an audit of financial statements”, 2012).
Centralized compliance within the credit organizations is engaged in the monitoring of changes of the legislation and control of compliance of internal regulatory base of the credit organization to the current legislation, professional codes and standards of business ethics. Compliance employees perform monitoring, assessment and management of compliance risks according to the internal techniques of an assessment and management of compliance risks. Other duties of compliance services in the credit organizations is the preparation and coordination of domestic policy and compliance procedures for employees and the regulation of the conflicts of interests and prevention of the insider information use (Tarantino, 2008).
Compliance services carry out consultation of business units on the application of normative documents of the regulator and conduct training of employees on complying with the policies and procedures of compliance. Besides, compliance specialists perform the function of interaction with the regulator, including interaction during inspections carried out by the regulator, and coordination of correspondence with the regulator (probably, in specific areas). Abovementioned and other functions are carried out by compliance experts, depending on features of the credit organization and its strategic objectives and tasks (Simpson, n.d.).
Besides, it should be especially noted that the functionality of compliance services is closely connected with certain areas of work of such financial units as internal audit, financial monitoring, legal service, unit of operational risks, security service, and HR department. Tasks of compliance services include the construction of system of rules and procedures within the organization, adapting normative documents of the regulator, and ensuring the control of their observance. Realizing this task, compliance experts introduce the compliance policy in the organization, as well as the methodology of an assessment of compliance risks, rules of information exchange between units for effective management of compliance risks, policy and procedures of compliance of the organization activity and its internal documents to the current legislation, ethics codes, etc. In addition, compliance specialists carry out regular monitoring and an assessment of compliance risks of the organization and, if necessary, inform the management on arising any potential compliance risks (“Consideration of laws and regulations in an audit of financial statements”, 2012).
In its turn, the branch of internal control carries out a systematical check of activity of divisions, including compliance as the structure created for observance of legal requirements and professional codes of behavior. Historically, many banks used to posses the service of financial monitoring responsible for the organization of internal control in the sphere of counteraction of income legalization, gained in a criminal way, and terrorism financing. In the case of the absence of uniform compliance unit, it is recommended to find a niche for the compliance for an effectively working interaction and distribution of duties between the compliance and financial monitoring services. Regular assessment of legal risk means close working relationship of compliance with the legal division. Compliance specialists often interact closely with the HR departments. Effective interaction between the compliance division and HR department at the initial point and during the promotion of the Code of corporate ethics in the organization is especially important (Simpson, n.d.).
Responsibility of the compliance function in the bank assists the executive bodies in effective management of compliance risks, which the bank faces. If some of the similar duties are executed by employees of different departments, the distribution of duties between departments has to be accurate. Compliance specialists have to consult executive bodies about laws, rules and standards concerning management of compliance risks including informing on the last changes in this sphere. Compliance specialists reveal, document and analyze in an anticipatory order the compliance risks connected with the bank’s activity, including development of new products, business procedures, offered establishment of new types of the economic and client relations, or essential changes in the character of these relations. If a bank has a committee on new products, compliance function has to be presented there (“Consideration of laws and regulations in an audit of financial statements”, 2012).
Compliance specialists also study the ways to assess compliance risks, for example, by means of dynamics estimates, and use these estimates for a more complete assessment of compliance risk. The technology of data combining or filtering, which can indicate potential problems of compliance risk management (for example, growing number of customer complaints, unusual transactions or payments, etc.), can be applied as a tool of dynamics indicators development. In general, functions of compliance professionals in banks will extend. First of all, it is caused by the acceleration of processes of internationalization of the financial streams and strengthening of the risks connected with operations in the capital market. A big role in this process is also played by the increased risk of deterioration of the banks’ reputation because of non-compliance with applicable laws, rules and regulations (Fitch, 2007).
Following the approach based on compliance risk analysis allows to reveal an available problem, carry out the analysis of opportunities for the minimization of risks, and undertake necessary actions for the protection of bank against the specified risks in due time. For example, due to this approach, in May 2010, the Dutch bank ABN AMRO N.V. paid $ 500,000,000 to the U.S. budget in connection with disclosure of the illegal roguish financial schemes directed on circumvention of imperative instructions, and for violation of the law on banking secrecy (The U.S. Department of Justice, 2010).
The Role of Compliance Specialists
In practice, the need for compliance specialists is caused by a certain bank’s corporate strategy. The highly skilled structure of compliance provides a high level of perception of the bank’s activity and highest management. Understanding by the organization’s board of the importance of fully and effectively functioning system of compliance control allows reducing the probability of emergence of risk of the profits loss or emergence of deliberate or inadvertent losses and risk of the business reputation loss (Fitch, 2007).
For business units, compliance may be useful as the consultant on the application of internal policies and procedures. Cooperation of compliance control specialists with business units provides identification and minimization or elimination of compliance risks at an early stage. Ideally, compliance specialists have to create the adequate monitoring system for business, including precautionary and directed on the identification of committed procedure violations and training programs. Compliance is an important link of a corporate management system of the organization as a whole. The understanding of importance and need of existence of compliance specialists for the organization begins with the senior management board and is distributed at all levels of the bank (Biegelman & Biegelman, 2008).
In any bank, which intends to conduct a legal and civilized banking, management board understands the importance and necessity of compliance specialists and, thus, provides sufficient manpower and adequate rights to information and documents to them. Therefore, it is much easier for the compliance staff to adapt to the current structure of the bank. Being a fundamental element of corporate culture of the organization, the requirement of observance of obligatory rules and procedures has to be a duty of all, without exception, employees, regardless of their positions and functionality (Fitch, 2007).
Compliance control specialists not only control compliance regulatory requirements performance, but also protect interests of the company, in particular, by means of creation and improvement of corresponding policy and procedures. During the implementation of activities in the stock market, professional participants of securities market can face risk of short-reception of profit or the material and reputation losses caused by the leakage of insider information, abuses or incorrect actions of the employees. As a result, reputation loss influences the client base in direct ratio, namely its reduction. In turn, usage in the cases forbidden by the legislation or leakage of insider information threatens the organization, in particular, the broker with the judicial proceedings and penalties. Thus, in order to protect the company against these factors, compliance specialists have to be involved (Biegelman & Biegelman, 2008).
Organizational Structure of Compliance within Financial Affiliations
Between banks, there are the considerable distinctions concerning the organization of compliance function. In larger banks, compliance employees can be in operational business divisions of bank, and in banks, carrying out the international operations, there can be compliance specialists placed at the level of the international group and own compliance employees in the subsidiary banks. In smaller banks, compliance experts can be concentrated in one division. In some banks, shave created several units in certain areas of compliance risk management, such as data protection or counteraction of income legalization gained in a criminal way and terrorism financing (Howarth & Evans, 2012).
Compliance professionals are required to achieve optimization of the organizational structure of the bank. Optimization occurs due to an accurate distribution of responsibility among the specific bank departments, exception of duplicating functions, and reductions of unnecessary organizational units. As a result of this work, the bank can get substantial savings on operating costs (Biegelman & Biegelman, 2008).
The bank has to organize its compliance function and set priorities for managing its compliance risk in accordance with its own strategy and risk management organization. For example, some banks can organize a compliance function as part of the service for operational risk management since there is a close relationship between the compliance risk and some aspects of the operational risk. Others prefer to have separate function and operational risk management function, but install the mechanisms requiring close collaboration between the two functions of compliance (Howarth & Evans, 2012).
The board of directors is responsible for overseeing the management of compliance risks in the bank. The board of directors has to approve the bank’s compliance policy, including the official document, according to which a continuous and effective compliance function is created. Executive bodies of the bank are responsible for acceptance and bringing to the attention of bank employees of compliance policy, ensuring its observance and reporting to the board of directors managing compliance risks in the bank. Bank executive bodies are responsible for creating a permanent and effective compliance function in the bank as a part of the implementation of the bank’s compliance policy (Howarth & Evans, 2012).
Ethics of Compliance
Considering one more fundamental question concerning compliance, i.e. ethics, it should be noted that if earlier everything was defined by profit and economic responsibility of the companies, nowadays, there is a legal responsibility and legislation observance in the forefront. However, in the future, the concept of ethics of business will be the main aspect for the companies. Eventually, all this is directed to the formation of “philanthropic responsibility”, i.e. aspiration to be the good global citizen (“Ethics and compliance risk management: Improving business performance and fostering a strong ethical culture through a sustainable process”, 2007).
Compliance with laws, rules and standards in the sphere of compliance has various sources including basic laws, rules and the standards accepted by legislative and supervisory authorities, market agreements, codes adopted by industry associations, and internal codes of behavior concerning the personnel of the bank. Due to the above-mentioned reasons, they are wider than legally obligatory requirements and include more general standards of reliability and ethical behavior. Compliance has to be part of corporate culture of the organization; it not the only duty of compliance experts. Nevertheless, the bank will be able to manage its compliance risks, if it has the compliance function in its structure (“Ethics and compliance risk management: Improving business performance and fostering a strong ethical culture through a sustainable process”, 2007).
Taking into account all of the above-mentioned information, it should be noted that compliance professionals are extremely important in the modern financial world, and the international practice assumes compliance control in all areas of the financial organizations. Ideally, the staff of compliance departments has to control all directions of bank activity. Nowadays, compliance becomes a tool to create competitive advantages in the market. Thus, compliance ensures the long-term prospect of stability and continuous development, both to the companies and the state. However, without the introduction of new approaches and technologies, compliance processes will be very slow and, in fact, ineffective, not able to respond quickly to constant changes in the law and process vast amounts of information. Therefore, in the future, when compliance will add a real value to the company’s sphere of activity, it will be based on the technological progress. All this will demand huge financial investments and attraction of human resources, while efficiency, profitability and reaction speed will become the main principles of work for compliance specialists.